CiscoCISCO-SA-20151028-ASRCisco ASR 5500 SAE Gateway BGP Denial of Service Vulnerability
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
56.0%
A vulnerability in the Border Gateway Protocol (BGP) input packet handler in the Cisco ASR 5500 System Architecture Evolution (SAE) Gateway could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition because the BGP process restarts unexpectedly.
The vulnerability is due to lack of proper input validation of the BGP packet header. An attacker could exploit this vulnerability by sending a crafted BGP packet to the affected device. An exploit could allow the attacker to cause a partial DoS condition because the BGP process restarts unexpectedly.
Cisco has released software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are available.
This advisory is available at the following link:
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | asr_5000_series_software | any | cpe:2.3:a:cisco:asr_5000_series_software:any:*:*:*:*:*:*:* |
| cisco | asr_9904 | 5000_series_software | cpe:2.3:h:cisco:asr_9904:5000_series_software:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
56.0%